stackprotector.h (1359B)
1/* SPDX-License-Identifier: GPL-2.0 */ 2/* 3 * GCC stack protector support. 4 * 5 * Stack protector works by putting predefined pattern at the start of 6 * the stack frame and verifying that it hasn't been overwritten when 7 * returning from the function. The pattern is called stack canary 8 * and gcc expects it to be defined by a global variable called 9 * "__stack_chk_guard" on ARM. This unfortunately means that on SMP 10 * we cannot have a different canary value per task. 11 */ 12 13#ifndef __ASM_STACKPROTECTOR_H 14#define __ASM_STACKPROTECTOR_H 15 16#include <linux/random.h> 17#include <linux/version.h> 18#include <asm/pointer_auth.h> 19 20extern unsigned long __stack_chk_guard; 21 22/* 23 * Initialize the stackprotector canary value. 24 * 25 * NOTE: this must only be called from functions that never return, 26 * and it must always be inlined. 27 */ 28static __always_inline void boot_init_stack_canary(void) 29{ 30#if defined(CONFIG_STACKPROTECTOR) 31 unsigned long canary; 32 33 /* Try to get a semi random initial value. */ 34 get_random_bytes(&canary, sizeof(canary)); 35 canary ^= LINUX_VERSION_CODE; 36 canary &= CANARY_MASK; 37 38 current->stack_canary = canary; 39 if (!IS_ENABLED(CONFIG_STACKPROTECTOR_PER_TASK)) 40 __stack_chk_guard = current->stack_canary; 41#endif 42 ptrauth_thread_init_kernel(current); 43 ptrauth_thread_switch_kernel(current); 44 ptrauth_enable(); 45} 46 47#endif /* _ASM_STACKPROTECTOR_H */